Returned information on janedoe at domain dot com would defeat the purpose.
If we were trying to get the email address, that would be easy enough - that
would make my life very easy. Unfortunately, I can't ask thousands of
illiterate users to change their Outlooks and their Eudoras to authenticate
with the email address instead of their username.
I don't really see what postfix has to do with this as all of that
is already done and working properly. Cyrus is the only thing that doesn't
work and that does so essentially independent of postfix. But if you think
it will help, I'm strapped for ideas.

On Thu, 2004-03-11 at 22:30, dwt wrote:
> Andreas,
>
> Not exactly. Our table is closer to this:
>
> | Account ID | Username | Password | Email Address |
> |^^^^^^^^^^^^^|^^^^^^^^^^^^|^^^^^^^^^^^^|^^^^^^^^^^^^^^^^^^^^^|
> | 1001 | janedoe | pickles | janedoe at domain1 dot com |
> | 1002 | janedoe | plums | janedoe at domain2 dot com |
> --------------------------------------------------------------
>
> This is done this way because everybody is currently setup
> (thousands of users) to authenticate just using their username, not their
> email address. Perhaps I misunderstood the second comment, but nothing
needs
> to be inserted into the database.
> When an authentication attempt comes in for janedoe on the second
> domain, the only thing the server sees is janedoe and plums. Using the
SASL
> auxprop configuration, it looks for the username janedoe - finds the first
> one and compares the password. The first janedoe entry has a password or
> pickles so the attempt gets rejected. This could be solved if we could
tell
> auxprop to look for a password/username combination in the database, like
> making %p = whatever the user has configured as the password for his email
> client. So when Janedoe #2 tries to send mail she has %u = janedoe and %p
=
> plums in Outlook Express. Out statement would say:
>
> Select password from users where username='%u' and password='%p';
>
> I know this isn't %p, but maybe we can make it that...? Far fetched,
> maybe, but necessary.
How come your postfix retrieves information on janedoe, not
janedoe at whateverdomainitis2 dot com? Can you please turn on logging of all
incoming mysql queries (--log switch of mysqld) ?
And can you please send all your postfix configuration lines that have
to do with sasl?
It would be much more efficient.